API Authentication

Buddy Punch uses OAuth2 for authentication and authorization.

Written by Eric Updated over a week ago

Buddy Punch uses OAuth2 for authentication and authorization of our API. OAuth2 is a protocol designed to let third-party applications authenticate to perform actions as a user, without getting the user's password. There are several libraries available that implement the protocol, a good list can be found at the OAuth2 home page. Through the use of OAuth2, you'll go through the process of obtaining a token and then you'll use that token in every request made to the API to verify your identity.

How to Obtain a TokenBefore you can make any request of the API, you must first authenticate. Once you've authenticated, you will be given an access token that may be used for all subsequent requests.

Performing the OAuth2 token request flow requires an OAuth client ID and an OAuth client secret. To obtain these application credentials, you will need to contact us directly.